Cybersicherheit: Kritische Infrastrukturen holen auf, doch „Risiko-Zone“ wächst (2026-05-29 14:07 UTC)
Kurz: Ein Enisa-Bericht zeigt deutliche Fortschritte durch die NIS2-Richtlinie, warnt aber vor wachsenden digitalen Gefahren in den Sektoren Raumfahrt und Transport.
Wie SSD-Zugriffszeiten zum digitalen Fingerabdruck werden (2026-05-29 13:46 UTC)
Kurz: IT-Forscher haben mit „FROST“ einen Seitenkanalangriff demonstriert, bei dem Browser über SSD-Zugriffszeiten Informationen über das Nutzerverhalten ausspähen.
ChatGPT share links abused to host fake outage pages to deliver malware (2026-05-29 18:21 UTC)
Kurz: Threat actors are abusing ChatGPT’s content-sharing feature to display fake OpenAI outage pages that direct users to download malware disguised as the ChatGPT desktop application. […]
California AG sues 23andMe over 2023 breach exposing health data (2026-05-29 18:08 UTC)
Kurz: California Attorney General Rob Bonta filed a lawsuit against 23andMe, now Chrome Holding Co., over the company’s failure to protect sensitive customer genetic and personal information. […]
From $5 Attacks to Botnet-Powered Platforms: Inside the DDoS-as-a- Service Market (2026-05-29 14:32 UTC)
Kurz: DDoS attacks are increasingly being sold like subscription services, complete with pricing tiers, support, and reseller programs. Flare explores how the DDoS-as-a-Service market has evolved from scattered tools into polished attack platform…
PAN-OS GlobalProtect Authentication Bypass (CVE-2026-0257) Under Active Exploitation (2026-05-30 06:41 UTC)
Kurz: Palo Alto Networks has warned that a recently disclosed medium-severity security flaw impacting PAN-OS and Prisma Access has come under active exploitation in the wild. The vulnerability, tracked as CVE-2026-0257 (CVSS score: 7.8), refers t…
ChatGPhish Vulnerability Turns ChatGPT Web Summaries Into a Phishing Surface (2026-05-29 18:07 UTC)
Kurz: Cybersecurity researchers have disclosed details of a vulnerability in OpenAI ChatGPT that leverages the artificial intelligence (AI) assistant’s implicit trust in Markdown links and images to trigger prompt injections and open the door to …
Attackers Use LLM Agent for Post-Exploitation After Marimo CVE-2026-39987 Exploit (2026-05-29 14:39 UTC)
Kurz: An unknown threat actor has been observed using a large language model (LLM) agent to conduct post-compromise actions after obtaining initial access following the exploitation of a publicly-accessible Marimo network using a recently disclos…